DNS Server Doesn't resolve some domains

  • Question

  • Hi Guys

    3 Days ago, our ISP had a serious problem with their DNS Servers. This resulted in across the country failure for all those using that ISP. The problem has since been resolved.

    Now here is my problem. We have an AD Server, which is also our DNS and DHCP Server, running Win Server 2008R2. What is happening now is that after this failure, we cannot access certain domains, specifically international domains (.com, .co.uk, etc). We can see our local domains (.co.za). I ran flushdns on both the server and our Fortigate UTM, including on some user machines, as per the advice of the ISP. But no resolve. As it is now, our Exchange Server is not sending emails, it keeps failing to resolve domain names as well. It receives though, and our OWA is also working fine.

    There's no special forwarders or whatever configured on the DNS Server. I left the default config as is when we did the initial config.

    The AD's Network card is configured with its local IP as the DNS Server IP. When I enter the ISP's DNS as the Secondary DNS, I get all websites etc from the server. Even when I do that with Exchange, it sends emails etc. But this was not the configuration and I therefore don't want to use it, more cos I don't want to use the ISP's DNS on client machines. I would like for my original config to work as it did before.

    What could be causing this problem... Please help.

    Monday, May 20, 2013 7:27 PM

Answers

  • Try adding forwarders to some public DNS servers, and leave the box ticked which says use root hints if forwarders are not available. Also, like Jeremy said, if you run the following you can look at the debug information of the DNS lookups:

    NSLOOKUP

    SET DEBUG=ON

    domainname.com

    That will show you what is happening with the request. You can also use SET D2=ON, which will give you even more information on the lookup.


    8B17

    • Marked as answer by Tumi M Wednesday, May 22, 2013 7:02 AM
    Tuesday, May 21, 2013 10:49 AM

All replies

  • Hi,


    Thanks for the post.


    Please provide us unedited ipconfig /all from your DC.


    Also, you can try to troubleshoot the issue using Nslookup with debug switch.


    Nslookup: set debug

    http://technet.microsoft.com/en-us/library/bb490733.aspx


    Look forward to your response.


    Jeremy Wu
    TechNet Community Support

    Tuesday, May 21, 2013 6:31 AM
  • Verify with your ISP their preferred DNS server(s). Verify these IP addresses are (still) configured as forwarders on your domain's DNS servers. If that seems ok, clear the cache of your DNS server: Clear the server names cache

    If the issue persists on one or more DNS clients, use ipconfig /flushdns to flush the client's cache as well. Remember you first need to clear the server cache, and only afterwards that of clients (if needed).


    MCP/MCSA/MCTS/MCITP



    • Edited by SenneVL Tuesday, May 21, 2013 11:40 AM
    Tuesday, May 21, 2013 11:37 AM
  • Hi Guys

    Ok, from your responses, this is what I did:

    I cleared the cache on the DNS Server.

    I did Nslookup

    I'm not sure how to: "Verify these IP addresses are (still) configured as forwarders on your domain's DNS servers". Please give me steps to do that. ISP did however confirm that those DNS Servers are still their primary ones. And they are still configured on the Fortigate UTM, which is also acting as the Gateway.


    Tuesday, May 21, 2013 4:52 PM
  • Guys

    Just to update you. I have just tried 8B17's Solution and it seems to be working. I will monitor it further and see. Thank you all for your help, really appreciate it.

    Wednesday, May 22, 2013 7:02 AM
  • I guess what helped you was a) clearing the DNS server cache or b) waiting until all caches expired.

    With regard to configuring the forwarders, check this TechNet article: http://technet.microsoft.com/en-us/library/cc754941.aspx


    MCP/MCSA/MCTS/MCITP

    Wednesday, May 22, 2013 7:42 AM
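
The steps discussed in this thread (checking forwarders, keeping root hints as a fallback, clearing the server cache before the client cache, and an nslookup debug query), collected as an added example that is not from any of the posters. The forwarder addresses are placeholder documentation addresses and example.com is a stand-in test name; the commands are meant for an elevated Command Prompt on the DNS server.

```batch
@echo off
rem Added example, not from the thread. Run elevated on the DNS server.
rem FWD1 and FWD2 are placeholders (documentation address ranges): replace
rem them with the resolvers you actually intend to forward to.
set FWD1=192.0.2.53
set FWD2=198.51.100.53
set TESTNAME=example.com

rem 1. Show the current server settings, including any configured forwarders.
dnscmd /Info

rem 2. With no forwarders set, the server resolves through root hints.
rem    Ask a root server (a.root-servers.net, 198.41.0.4) directly for the
rem    .com delegation. A timeout here points at the path to the root
rem    servers (firewall, upstream filtering), not at the server's cache.
nslookup -norecurse -type=NS com. 198.41.0.4

rem 3. Set the forwarders. /NoSlave keeps "use root hints if no forwarders
rem    are available" enabled, so the server falls back to its own
rem    iterative lookups when the forwarders do not answer.
dnscmd /ResetForwarders %FWD1% %FWD2% /NoSlave

rem 4. Clear the server cache first, then the local client cache.
dnscmd /ClearCache
ipconfig /flushdns

rem 5. Resolve a test name with debug output. With no server argument,
rem    nslookup uses the adapter's configured DNS server, which in the
rem    setup described in the question is the server's own IP.
nslookup -debug %TESTNAME%
```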